<?php
//  Developed by Roshan Bhattarai 
//  Visit http://roshanbh.com.np for this script and more.
//  This notice MUST stay intact for legal use

//Connect to database from here
require("../configuration.php");
//get the posted values
$user_name=htmlspecialchars($_POST['user_name'],ENT_QUOTES);
$pass=md5($_POST['password']);

//now validating the username and password
$sql="SELECT id,u_login, u_password FROM users WHERE u_login='".$user_name."'";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);

//if username exists
if(mysql_num_rows($result)>0)
{
        //compare the password
        if(strcmp($row['u_password'],$pass)==0)
        {
                echo "yes";
                //now set the session from here if needed
                $_SESSION['u_login']=$user_name;
                $_SESSION['user_id'] =$row['id'];
                $_SESSION['page_status']=2; 
				$sql="UPDATE users SET u_lastvisitdate=now() WHERE id='".$_SESSION['user_id']."'";
				mysql_query($sql);
        }
        else
                echo "no"; 
}
else
        echo "no"; //Invalid Login


?>